CloakLLM


Open-source PII cloaking + tamper-evident audit logs for LLM API calls


CloakLLM — Cloak your prompts. Prove your compliance.


Open-source PII protection middleware for LLMs. Detect sensitive data, replace it with reversible tokens, and maintain tamper-evident audit logs — all before your prompts leave your infrastructure.


SDKs

SDK           Version  Install                       Docs
CloakLLM-PY   0.5.0    pip install cloakllm          Python README
CloakLLM-JS   0.5.0    npm install cloakllm          JS/TS README
CloakLLM-MCP  0.5.0    python -m mcp run server.py   MCP README

What it does

  • PII Detection — emails, SSNs, credit cards, phone numbers, API keys, and more
  • LLM-Powered Detection — opt-in local Ollama integration catches context-dependent PII that regex misses (addresses, medical terms)
  • Reversible Tokenization — deterministic [CATEGORY_N] tokens that preserve context for the LLM
  • Redaction Mode — irreversible [CATEGORY_REDACTED] replacement for GDPR right-to-erasure
  • Tamper-Evident Audit Logs — hash-chained entries for EU AI Act Article 12 compliance
  • Custom LLM Categories — user-defined semantic PII types (PATIENT_ID, EMPLOYEE_NUMBER) via configurable Ollama detection
  • Per-Entity Hashing — deterministic HMAC-SHA256 hashes per detected entity for cross-request correlation without storing PII
  • Performance Metrics — per-pass timing breakdowns (regex, NER, LLM) in audit logs and via shield.metrics() API
  • Incremental Streaming — StreamDesanitizer state machine replaces tokens as chunks arrive, no full buffering
  • Cryptographic Attestation — Ed25519-signed sanitization certificates with Merkle tree batch proofs and replay-resistant nonces
  • Multi-Language PII Detection — 13 locales (DE, FR, ES, IT, PT, NL, PL, SE, NO, DK, FI, GB, AU) with locale-specific patterns
  • Context Risk Analysis — ContextAnalyzer scores re-identification risk in sanitized text (token density, identifying descriptors, relationship edges)
  • Security Hardened — Ollama SSRF prevention, thread-safe operations, ReDoS protection, CLI PII redaction by default
  • Detection Benchmark — 108-sample labeled PII corpus with recall/precision/F1 harness, CI-enforced thresholds
  • Middleware Integration — drop-in support for LiteLLM and OpenAI SDK (Python) and OpenAI/Vercel AI SDK (JS)
  • MCP Server — use CloakLLM directly from Claude Desktop, Cursor, or any MCP-compatible client
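
As an added illustration (not CloakLLM's own code), the following Python sketches the two mechanisms named above: deterministic [CATEGORY_N] tokens with a local reverse map and a per-entity HMAC-SHA256, and hash-chained audit entries that a verifier can recheck. The regexes, the HMAC key and the audit entry layout are constructed for this example.

```python
import hashlib, hmac, json, re

# Constructed regexes for two categories; CloakLLM's own patterns are not used here.
PATTERNS = {
    "EMAIL": re.compile(r"[\w.+-]+@[\w-]+\.[A-Za-z]{2,}"),
    "SSN": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
}
GENESIS = "0" * 64  # prev_hash recorded by the first audit entry
KEY = b"constructed-demo-hmac-key"  # placeholder; a real deployment keeps this in a secret store

def _digest(body: dict) -> str:
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

def sanitize(text: str, audit: list):
    # Replace PII with deterministic [CATEGORY_N] tokens and append one hash-chained audit entry.
    mapping, counters, entity_hashes = {}, {}, []
    for cat, pattern in PATTERNS.items():
        def repl(m, cat=cat):
            value = m.group(0)
            for tok, orig in mapping.items():
                if orig == value:  # same value within a request -> same token
                    return tok
            counters[cat] = counters.get(cat, 0) + 1
            tok = f"[{cat}_{counters[cat]}]"
            mapping[tok] = value
            # Keyed hash of the raw value: correlates an entity across requests without storing it.
            entity_hashes.append(hmac.new(KEY, value.encode(), hashlib.sha256).hexdigest())
            return tok
        text = pattern.sub(repl, text)
    # Each entry commits to its predecessor's hash, so editing or dropping one breaks the chain.
    prev = audit[-1]["hash"] if audit else GENESIS
    entry = {"prev_hash": prev, "tokens": sorted(mapping), "entity_hashes": entity_hashes}
    entry["hash"] = _digest(entry)
    audit.append(entry)
    return text, mapping  # mapping stays local; only tokens cross the API boundary

def desanitize(text: str, mapping: dict) -> str:
    for tok, value in mapping.items():
        text = text.replace(tok, value)
    return text

def verify_chain(audit: list) -> bool:
    # Recompute every entry hash and check that each entry links to its predecessor.
    prev = GENESIS
    for entry in audit:
        body = {k: v for k, v in entry.items() if k != "hash"}
        if body["prev_hash"] != prev or _digest(body) != entry["hash"]:
            return False
        prev = entry["hash"]
    return True
```

Because the audit entries hold only tokens and keyed hashes, the log can be shipped to a SIEM without leaking the original values, while any edit or deletion makes verify_chain() fail.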

Quick Start

Python

pip install cloakllm

# Option A: OpenAI SDK
from cloakllm import enable_openai
from openai import OpenAI

client = OpenAI()
enable_openai(client)  # Wraps OpenAI SDK — all calls are now protected

# Option B: LiteLLM
import cloakllm
cloakllm.enable()  # Wraps LiteLLM — all calls are now protected

JavaScript / TypeScript

npm install cloakllm

const cloakllm = require('cloakllm');

cloakllm.enable(openaiClient);  // Wraps OpenAI SDK

MCP (Claude Desktop)

Add to your claude_desktop_config.json:

{
  "mcpServers": {
    "cloakllm": {
      "command": "python",
      "args": ["-m", "mcp", "run", "server.py"],
      "cwd": "/path/to/cloakllm-mcp"
    }
  }
}

This exposes six tools to Claude: sanitize, sanitize_batch, desanitize, desanitize_batch, analyze, and analyze_batch.

Roadmap

Upcoming: normalized token standard, pluggable detection backends, and enterprise key management.

License

MIT
